CVE-2026-33849
Improper Memory Buffer Restriction in LinkingVision RapidVMS
Publication date: 2026-03-24
Last updated on: 2026-04-20
Assigner: Government Technology Agency of Singapore Cyber Security Group (GovTech CSG)
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linkingvision | rapidvms | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an improper restriction of operations within the bounds of a memory buffer in linkingvision rapidvms software versions before PR#96. Essentially, the software does not properly limit certain operations to the allocated memory buffer, which can lead to memory corruption.
How can this vulnerability impact me? :
The vulnerability has a high severity score (CVSS 8.8) and can be exploited remotely with low attack complexity and no privileges required. It can lead to high impact on confidentiality, integrity, and availability, meaning an attacker could potentially execute arbitrary code, access sensitive information, or cause denial of service.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know